Example skip rate limit middleware?

default discord avatar
ericpugh
5 months ago
4

Hello. I'm trying to skip the API rate limits for requests made by an authenticated user with a particular role. The docs mention a "skip" Express middleware function that can be used, but I'm not sure how to get the user from the request object. Is there an example somewhere using the "skip" property?



I couldn't figure this out. I ended up with a somewhat dumb solution passing a secret as a header


  rateLimit: {
    trustProxy: true,
    skip: ({ headers }) => {
      return typeof headers['x-api-key'] !== undefined && headers['x-api-key'] === process.env.PAYLOAD_ADMIN_API_KEY;

    }
  },  
  • default discord avatar
    notchr
    5 months ago

    @ericpugh I believe that the user should be available on the req object in express (as long as payload.authenticate() is called)



        skip: (request, response) => {
              console.log(request.user)
              return false // no requests skipped by default
            }


    Actually, not sure you need

    payload.authenticate()

    before this, but IIRC that tells express to check the session

Open the post
Continue the discussion in Discord
Like what we're doing?
Star us on GitHub!

Star

Connect with the Payload Community on Discord

Discord

online

Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.